summaryrefslogtreecommitdiff
path: root/vendor
diff options
context:
space:
mode:
Diffstat (limited to 'vendor')
-rw-r--r--vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/spec.go1
-rw-r--r--vendor/github.com/container-orchestrated-devices/container-device-interface/specs-go/config.go3
-rw-r--r--vendor/github.com/container-orchestrated-devices/container-device-interface/specs-go/oci.go1
-rw-r--r--vendor/github.com/containers/common/libnetwork/etchosts/hosts.go339
-rw-r--r--vendor/github.com/containers/common/libnetwork/etchosts/ip.go91
-rw-r--r--vendor/github.com/containers/common/libnetwork/etchosts/util.go30
-rw-r--r--vendor/golang.org/x/crypto/ssh/terminal/terminal.go76
-rw-r--r--vendor/modules.txt5
8 files changed, 467 insertions, 79 deletions
diff --git a/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/spec.go b/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/spec.go
index 59f01acb7..46fca2dac 100644
--- a/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/spec.go
+++ b/vendor/github.com/container-orchestrated-devices/container-device-interface/pkg/cdi/spec.go
@@ -34,6 +34,7 @@ var (
"0.1.0": {},
"0.2.0": {},
"0.3.0": {},
+ "0.4.0": {},
}
// Externally set CDI Spec validation function.
diff --git a/vendor/github.com/container-orchestrated-devices/container-device-interface/specs-go/config.go b/vendor/github.com/container-orchestrated-devices/container-device-interface/specs-go/config.go
index 090e30e43..e16174f9d 100644
--- a/vendor/github.com/container-orchestrated-devices/container-device-interface/specs-go/config.go
+++ b/vendor/github.com/container-orchestrated-devices/container-device-interface/specs-go/config.go
@@ -3,7 +3,7 @@ package specs
import "os"
// CurrentVersion is the current version of the Spec.
-const CurrentVersion = "0.3.0"
+const CurrentVersion = "0.4.0"
// Spec is the base configuration for CDI
type Spec struct {
@@ -45,6 +45,7 @@ type Mount struct {
HostPath string `json:"hostPath"`
ContainerPath string `json:"containerPath"`
Options []string `json:"options,omitempty"`
+ Type string `json:"type,omitempty"`
}
// Hook represents a hook that needs to be added to the OCI spec.
diff --git a/vendor/github.com/container-orchestrated-devices/container-device-interface/specs-go/oci.go b/vendor/github.com/container-orchestrated-devices/container-device-interface/specs-go/oci.go
index 10bc9fa23..14a0f6a0b 100644
--- a/vendor/github.com/container-orchestrated-devices/container-device-interface/specs-go/oci.go
+++ b/vendor/github.com/container-orchestrated-devices/container-device-interface/specs-go/oci.go
@@ -95,6 +95,7 @@ func (m *Mount) ToOCI() spec.Mount {
Source: m.HostPath,
Destination: m.ContainerPath,
Options: m.Options,
+ Type: m.Type,
}
}
diff --git a/vendor/github.com/containers/common/libnetwork/etchosts/hosts.go b/vendor/github.com/containers/common/libnetwork/etchosts/hosts.go
new file mode 100644
index 000000000..ce248a181
--- /dev/null
+++ b/vendor/github.com/containers/common/libnetwork/etchosts/hosts.go
@@ -0,0 +1,339 @@
+package etchosts
+
+import (
+ "bufio"
+ "errors"
+ "fmt"
+ "io"
+ "os"
+ "strings"
+
+ "github.com/containers/common/pkg/config"
+ "github.com/containers/common/pkg/util"
+)
+
+const (
+ hostContainersInternal = "host.containers.internal"
+ localhost = "localhost"
+)
+
+type HostEntries []HostEntry
+
+type HostEntry struct {
+ IP string
+ Names []string
+}
+
+// Params for the New() function call
+type Params struct {
+ // BaseFile is the file where we read entries from and add entries to
+ // the target hosts file. If the name is empty it will not read any entries.
+ BaseFile string
+ // ExtraHosts is a slice of entries in the "hostname:ip" format.
+ // Optional.
+ ExtraHosts []string
+ // ContainerIPs should contain the main container ipv4 and ipv6 if available
+ // with the container name and host name as names set.
+ // Optional.
+ ContainerIPs HostEntries
+ // HostContainersInternalIP is the IP for the host.containers.internal entry.
+ // Optional.
+ HostContainersInternalIP string
+ // TargetFile where the hosts are written to.
+ TargetFile string
+}
+
+// New will create a new hosts file and write this to the target file.
+// This function does not prevent any kind of concurrency problems, it is
+// the callers responsibility to avoid concurrent writes to this file.
+// The extraHosts are written first, then the hosts from the file baseFile and the
+// containerIps. The container ip entry is only added when the name was not already
+// added before.
+func New(params *Params) error {
+ if err := new(params); err != nil {
+ return fmt.Errorf("failed to create new hosts file: %w", err)
+ }
+ return nil
+}
+
+// Add adds the given entries to the hosts file, entries are only added if
+// they are not already present.
+// Add is not atomic because it will keep the current file inode. This is
+// required to keep bind mounts for containers working.
+func Add(file string, entries HostEntries) error {
+ if err := add(file, entries); err != nil {
+ return fmt.Errorf("failed to add entries to hosts file: %w", err)
+ }
+ return nil
+}
+
+// AddIfExists will add the given entries only if one of the existsEntries
+// is in the hosts file. This API is required for podman network connect.
+// Since we want to add the same host name for each network ip we want to
+// add duplicates and the normal Add() call prevents us from doing so.
+// However since we also do not want to overwrite potential entries that
+// were added by users manually we first have to check if there are the
+// current expected entries in the file. Note that this will only check
+// for one match not all. It will also only check that the ip and one of
+// the hostnames match like Remove().
+func AddIfExists(file string, existsEntries, newEntries HostEntries) error {
+ if err := addIfExists(file, existsEntries, newEntries); err != nil {
+ return fmt.Errorf("failed to add entries to hosts file: %w", err)
+ }
+ return nil
+}
+
+// Remove will remove the given entries from the file. An entry will be
+// removed when the ip and at least one name matches. Not all names have
+// to match. If the given entries are not present in the file no error is
+// returned.
+// Remove is not atomic because it will keep the current file inode. This is
+// required to keep bind mounts for containers working.
+func Remove(file string, entries HostEntries) error {
+ if err := remove(file, entries); err != nil {
+ return fmt.Errorf("failed to remove entries from hosts file: %w", err)
+ }
+ return nil
+}
+
+// new see comment on New()
+func new(params *Params) error {
+ entries, err := parseExtraHosts(params.ExtraHosts)
+ if err != nil {
+ return err
+ }
+ entries2, err := parseHostsFile(params.BaseFile)
+ if err != nil {
+ return err
+ }
+ entries = append(entries, entries2...)
+
+ // preallocate the slice with enough space for the 3 special entries below
+ containerIPs := make(HostEntries, 0, len(params.ContainerIPs)+3)
+
+ // if localhost was not added we add it
+ // https://github.com/containers/podman/issues/11411
+ lh := []string{localhost}
+ l1 := HostEntry{IP: "127.0.0.1", Names: lh}
+ l2 := HostEntry{IP: "::1", Names: lh}
+ containerIPs = append(containerIPs, l1, l2)
+ if params.HostContainersInternalIP != "" {
+ e := HostEntry{IP: params.HostContainersInternalIP, Names: []string{hostContainersInternal}}
+ containerIPs = append(containerIPs, e)
+ }
+ containerIPs = append(containerIPs, params.ContainerIPs...)
+
+ if err := writeHostFile(params.TargetFile, entries, containerIPs); err != nil {
+ return err
+ }
+ return nil
+}
+
+// add see comment on Add()
+func add(file string, entries HostEntries) error {
+ currentEntries, err := parseHostsFile(file)
+ if err != nil {
+ return err
+ }
+
+ names := make(map[string]struct{})
+ for _, entry := range currentEntries {
+ for _, name := range entry.Names {
+ names[name] = struct{}{}
+ }
+ }
+
+ // open file in append mode since we only add, we do not have to write existing entries again
+ f, err := os.OpenFile(file, os.O_WRONLY|os.O_APPEND, 0o644)
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+
+ return addEntriesIfNotExists(f, entries, names)
+}
+
+// addIfExists see comment on AddIfExists()
+func addIfExists(file string, existsEntries, newEntries HostEntries) error {
+ // special case when there are no existing entries do a normal add
+ // this can happen when we connect a network which was not connected
+ // to any other networks before
+ if len(existsEntries) == 0 {
+ return add(file, newEntries)
+ }
+
+ currentEntries, err := parseHostsFile(file)
+ if err != nil {
+ return err
+ }
+
+ for _, entry := range currentEntries {
+ if !checkIfEntryExists(entry, existsEntries) {
+ // keep looking for existing entries
+ continue
+ }
+ // if we have a matching existing entry add the new entries
+ // open file in append mode since we only add, we do not have to write existing entries again
+ f, err := os.OpenFile(file, os.O_WRONLY|os.O_APPEND, 0o644)
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+
+ for _, e := range newEntries {
+ if _, err = f.WriteString(formatLine(e.IP, e.Names)); err != nil {
+ return err
+ }
+ }
+ return nil
+ }
+ // no match found is no error
+ return nil
+}
+
+// remove see comment on Remove()
+func remove(file string, entries HostEntries) error {
+ currentEntries, err := parseHostsFile(file)
+ if err != nil {
+ return err
+ }
+
+ f, err := os.Create(file)
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+
+ for _, entry := range currentEntries {
+ if checkIfEntryExists(entry, entries) {
+ continue
+ }
+ if _, err = f.WriteString(formatLine(entry.IP, entry.Names)); err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+func checkIfEntryExists(current HostEntry, entries HostEntries) bool {
+ // check if the current entry equals one of the given entries
+ for _, rm := range entries {
+ if current.IP == rm.IP {
+ // it is enough if one of the names match, in this case we remove the full entry
+ for _, name := range current.Names {
+ if util.StringInSlice(name, rm.Names) {
+ return true
+ }
+ }
+ }
+ }
+ return false
+}
+
+// parseExtraHosts converts a slice of "name:ip" string to entries.
+// Because podman and buildah both store the extra hosts in this format
+// we convert it here instead of having to this on the caller side.
+func parseExtraHosts(extraHosts []string) (HostEntries, error) {
+ entries := make(HostEntries, 0, len(extraHosts))
+ for _, entry := range extraHosts {
+ values := strings.SplitN(entry, ":", 2)
+ if len(values) != 2 {
+ return nil, fmt.Errorf("unable to parse host entry %q: incorrect format", entry)
+ }
+ if values[0] == "" {
+ return nil, fmt.Errorf("hostname in host entry %q is empty", entry)
+ }
+ if values[1] == "" {
+ return nil, fmt.Errorf("IP address in host entry %q is empty", entry)
+ }
+ e := HostEntry{IP: values[1], Names: []string{values[0]}}
+ entries = append(entries, e)
+ }
+ return entries, nil
+}
+
+// parseHostsFile parses a given host file and returns all entries in it.
+// Note that this will remove all comments and spaces.
+func parseHostsFile(file string) (HostEntries, error) {
+ // empty file is valid, in this case we skip adding entries from the file
+ if file == "" {
+ return nil, nil
+ }
+
+ f, err := os.Open(file)
+ if err != nil {
+ // do not error when the default hosts file does not exists
+ // https://github.com/containers/podman/issues/12667
+ if errors.Is(err, os.ErrNotExist) && file == config.DefaultHostsFile {
+ return nil, nil
+ }
+ return nil, err
+ }
+ defer f.Close()
+
+ entries := HostEntries{}
+ scanner := bufio.NewScanner(f)
+ for scanner.Scan() {
+ // split of the comments
+ line := scanner.Text()
+ if c := strings.IndexByte(line, '#'); c != -1 {
+ line = line[:c]
+ }
+ fields := strings.Fields(line)
+ // if we only have a ip without names we skip it
+ if len(fields) < 2 {
+ continue
+ }
+
+ e := HostEntry{IP: fields[0], Names: fields[1:]}
+ entries = append(entries, e)
+ }
+
+ return entries, scanner.Err()
+}
+
+// writeHostFile write the entries to the given file
+func writeHostFile(file string, userEntries, containerIPs HostEntries) error {
+ f, err := os.Create(file)
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+
+ names := make(map[string]struct{})
+ for _, entry := range userEntries {
+ for _, name := range entry.Names {
+ names[name] = struct{}{}
+ }
+ if _, err = f.WriteString(formatLine(entry.IP, entry.Names)); err != nil {
+ return err
+ }
+ }
+
+ return addEntriesIfNotExists(f, containerIPs, names)
+}
+
+// addEntriesIfNotExists only adds the entries for names that are not already
+// in the hosts file, otherwise we start overwriting user entries
+func addEntriesIfNotExists(f io.StringWriter, containerIPs HostEntries, names map[string]struct{}) error {
+ for _, entry := range containerIPs {
+ freeNames := make([]string, 0, len(entry.Names))
+ for _, name := range entry.Names {
+ if _, ok := names[name]; !ok {
+ freeNames = append(freeNames, name)
+ }
+ }
+ if len(freeNames) > 0 {
+ if _, err := f.WriteString(formatLine(entry.IP, freeNames)); err != nil {
+ return err
+ }
+ }
+ }
+ return nil
+}
+
+// formatLine converts the given ip and names to a valid hosts line.
+// The returned string includes the newline.
+func formatLine(ip string, names []string) string {
+ return ip + "\t" + strings.Join(names, " ") + "\n"
+}
diff --git a/vendor/github.com/containers/common/libnetwork/etchosts/ip.go b/vendor/github.com/containers/common/libnetwork/etchosts/ip.go
new file mode 100644
index 000000000..3d14b7147
--- /dev/null
+++ b/vendor/github.com/containers/common/libnetwork/etchosts/ip.go
@@ -0,0 +1,91 @@
+package etchosts
+
+import (
+ "net"
+
+ "github.com/containers/common/libnetwork/types"
+ "github.com/containers/common/libnetwork/util"
+ "github.com/containers/common/pkg/config"
+ "github.com/containers/storage/pkg/unshare"
+)
+
+// GetHostContainersInternalIP return the host.containers.internal ip
+// if netStatus is not nil then networkInterface also must be non nil otherwise this function panics
+func GetHostContainersInternalIP(conf *config.Config, netStatus map[string]types.StatusBlock, networkInterface types.ContainerNetwork) string {
+ switch conf.Containers.HostContainersInternalIP {
+ case "":
+ // if empty (default) we will automatically choose one below
+ // if machine we let the gvproxy dns server handle the dns name so do not add it
+ if conf.Engine.MachineEnabled {
+ return ""
+ }
+ case "none":
+ return ""
+ default:
+ return conf.Containers.HostContainersInternalIP
+ }
+ ip := ""
+ // Only use the bridge ip when root, as rootless the interfaces are created
+ // inside the special netns and not the host so we cannot use them.
+ if unshare.IsRootless() {
+ return getLocalIP()
+ }
+ for net, status := range netStatus {
+ network, err := networkInterface.NetworkInspect(net)
+ // only add the host entry for bridge networks
+ // ip/macvlan gateway is normally not on the host
+ if err != nil || network.Driver != types.BridgeNetworkDriver {
+ continue
+ }
+ for _, netInt := range status.Interfaces {
+ for _, netAddress := range netInt.Subnets {
+ if netAddress.Gateway != nil {
+ if util.IsIPv4(netAddress.Gateway) {
+ return netAddress.Gateway.String()
+ }
+ // ipv6 address but keep looking since we prefer to use ipv4
+ ip = netAddress.Gateway.String()
+ }
+ }
+ }
+ }
+ if ip != "" {
+ return ip
+ }
+ return getLocalIP()
+}
+
+// getLocalIP returns the non loopback local IP of the host
+func getLocalIP() string {
+ addrs, err := net.InterfaceAddrs()
+ if err != nil {
+ return ""
+ }
+ ip := ""
+ for _, address := range addrs {
+ // check the address type and if it is not a loopback the display it
+ if ipnet, ok := address.(*net.IPNet); ok && ipnet.IP.IsGlobalUnicast() {
+ if util.IsIPv4(ipnet.IP) {
+ return ipnet.IP.String()
+ }
+ // if ipv6 we keep looking for an ipv4 address
+ ip = ipnet.IP.String()
+ }
+ }
+ return ip
+}
+
+// GetNetworkHostEntries returns HostEntries for all ips in the network status
+// with the given hostnames.
+func GetNetworkHostEntries(netStatus map[string]types.StatusBlock, names ...string) HostEntries {
+ hostEntries := make(HostEntries, 0, len(netStatus))
+ for _, status := range netStatus {
+ for _, netInt := range status.Interfaces {
+ for _, netAddress := range netInt.Subnets {
+ e := HostEntry{IP: netAddress.IPNet.IP.String(), Names: names}
+ hostEntries = append(hostEntries, e)
+ }
+ }
+ }
+ return hostEntries
+}
diff --git a/vendor/github.com/containers/common/libnetwork/etchosts/util.go b/vendor/github.com/containers/common/libnetwork/etchosts/util.go
new file mode 100644
index 000000000..d78284594
--- /dev/null
+++ b/vendor/github.com/containers/common/libnetwork/etchosts/util.go
@@ -0,0 +1,30 @@
+package etchosts
+
+import (
+ "fmt"
+
+ "github.com/containers/common/pkg/config"
+ securejoin "github.com/cyphar/filepath-securejoin"
+)
+
+// GetBaseHostFile return the hosts file which should be used as base.
+// The first param should be the config value config.Containers.BaseHostsFile
+// The second param should be the root path to the mounted image. This is
+// required when the user conf value is set to "image".
+func GetBaseHostFile(confValue, imageRoot string) (string, error) {
+ switch confValue {
+ case "":
+ return config.DefaultHostsFile, nil
+ case "none":
+ return "", nil
+ case "image":
+ // use secure join to prevent problems with symlinks
+ path, err := securejoin.SecureJoin(imageRoot, config.DefaultHostsFile)
+ if err != nil {
+ return "", fmt.Errorf("failed to get /etc/hosts path in image: %w", err)
+ }
+ return path, nil
+ default:
+ return confValue, nil
+ }
+}
diff --git a/vendor/golang.org/x/crypto/ssh/terminal/terminal.go b/vendor/golang.org/x/crypto/ssh/terminal/terminal.go
deleted file mode 100644
index a4d1919a9..000000000
--- a/vendor/golang.org/x/crypto/ssh/terminal/terminal.go
+++ /dev/null
@@ -1,76 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package terminal provides support functions for dealing with terminals, as
-// commonly found on UNIX systems.
-//
-// Deprecated: this package moved to golang.org/x/term.
-package terminal
-
-import (
- "io"
-
- "golang.org/x/term"
-)
-
-// EscapeCodes contains escape sequences that can be written to the terminal in
-// order to achieve different styles of text.
-type EscapeCodes = term.EscapeCodes
-
-// Terminal contains the state for running a VT100 terminal that is capable of
-// reading lines of input.
-type Terminal = term.Terminal
-
-// NewTerminal runs a VT100 terminal on the given ReadWriter. If the ReadWriter is
-// a local terminal, that terminal must first have been put into raw mode.
-// prompt is a string that is written at the start of each input line (i.e.
-// "> ").
-func NewTerminal(c io.ReadWriter, prompt string) *Terminal {
- return term.NewTerminal(c, prompt)
-}
-
-// ErrPasteIndicator may be returned from ReadLine as the error, in addition
-// to valid line data. It indicates that bracketed paste mode is enabled and
-// that the returned line consists only of pasted data. Programs may wish to
-// interpret pasted data more literally than typed data.
-var ErrPasteIndicator = term.ErrPasteIndicator
-
-// State contains the state of a terminal.
-type State = term.State
-
-// IsTerminal returns whether the given file descriptor is a terminal.
-func IsTerminal(fd int) bool {
- return term.IsTerminal(fd)
-}
-
-// ReadPassword reads a line of input from a terminal without local echo. This
-// is commonly used for inputting passwords and other sensitive data. The slice
-// returned does not include the \n.
-func ReadPassword(fd int) ([]byte, error) {
- return term.ReadPassword(fd)
-}
-
-// MakeRaw puts the terminal connected to the given file descriptor into raw
-// mode and returns the previous state of the terminal so that it can be
-// restored.
-func MakeRaw(fd int) (*State, error) {
- return term.MakeRaw(fd)
-}
-
-// Restore restores the terminal connected to the given file descriptor to a
-// previous state.
-func Restore(fd int, oldState *State) error {
- return term.Restore(fd, oldState)
-}
-
-// GetState returns the current state of a terminal which may be useful to
-// restore the terminal after a signal.
-func GetState(fd int) (*State, error) {
- return term.GetState(fd)
-}
-
-// GetSize returns the dimensions of the given terminal.
-func GetSize(fd int) (width, height int, err error) {
- return term.GetSize(fd)
-}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index e95f0a618..b1e0e3a23 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -57,7 +57,7 @@ github.com/checkpoint-restore/go-criu/v5/rpc
github.com/checkpoint-restore/go-criu/v5/stats
# github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e
github.com/chzyer/readline
-# github.com/container-orchestrated-devices/container-device-interface v0.3.2
+# github.com/container-orchestrated-devices/container-device-interface v0.4.0
## explicit
github.com/container-orchestrated-devices/container-device-interface/pkg/cdi
github.com/container-orchestrated-devices/container-device-interface/specs-go
@@ -114,6 +114,7 @@ github.com/containers/buildah/util
github.com/containers/common/libimage
github.com/containers/common/libimage/manifests
github.com/containers/common/libnetwork/cni
+github.com/containers/common/libnetwork/etchosts
github.com/containers/common/libnetwork/internal/util
github.com/containers/common/libnetwork/netavark
github.com/containers/common/libnetwork/network
@@ -718,7 +719,6 @@ golang.org/x/crypto/ssh
golang.org/x/crypto/ssh/agent
golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
golang.org/x/crypto/ssh/knownhosts
-golang.org/x/crypto/ssh/terminal
# golang.org/x/net v0.0.0-20220225172249-27dd8689420f
golang.org/x/net/context
golang.org/x/net/html
@@ -744,6 +744,7 @@ golang.org/x/sys/unix
golang.org/x/sys/windows
golang.org/x/sys/windows/registry
# golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
+## explicit
golang.org/x/term
# golang.org/x/text v0.3.7
## explicit